Ubuntu-sudo in PHP exec

Source: Internet
Author: User

Label:

The web version of the recently written firewall requires the Linux system commands to be called in PHP, but firewall-related executions require administrator privileges to execute.

Under Ubuntu, Apache2 's running account defaults to Www-data, and by default it is not possible to get admin privileges via sudo. Checked, tried a few ways, done.

#1 just in case, check Apache's running account.

<? PHP exec ("WhoAmI",$output,$result); Print_r ($output);? >

Run and get the current account Www-data

#2 give sudo permission with Www-data, and password free

Command line input: Nano/etc/sudoers or Visudo

Insert a row www-data all= (all:all) Nopasswd:all

As shown

#3 applications

<? PHP exec ("sudo iptables-save",$output,$result); Print_r ($result);? >

As shown above, you can execute the shell under Administrator privileges

It is important to note that the actions above will pose a significant security risk to the server because Www-data users can elevate to administrator privileges without requiring a password. If Apache is taken down by the bad guys, then the server will be easily taken down ~ ~ Need to be cautious ~ ~

Ubuntu-sudo in PHP exec

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

Tags Index: